Improper File Control in Google App Engine Python SDK by Google
CVE-2011-4211

Currently unrated

Key Information:

Vendor

Google
Status
App Engine Python Sdk
Vendor
CVE Published:
30 October 2011

What is CVE-2011-4211?

A vulnerability exists in the FakeFile implementation of the Google App Engine Python SDK prior to version 1.5.4, which fails to properly restrict file opening. This lapse allows local users to circumvent access controls, potentially enabling the creation of arbitrary files through manipulated parameters. This incident poses significant risks by compromising file integrity and system security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://code.google.com/p/googleappengine/wiki/SdkReleaseN...
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/71064
vdb-entryx_refsource_XF
http://blog.watchfire.com/files/googleappenginesdk.pdf
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.